feat: separate launcher config, library functions

CMakeLists.txt

@@ -18,7 +18,7 @@ set(VERSION_SCRIPT ${PROJECT_SOURCE_DIR}/version_script.txt)
 include_directories(${CMAKE_CURRENT_SOURCE_DIR}/libseccomp/include)
 
 # Targets
-add_library(woj_sandbox SHARED ${PROJECT_SOURCE_DIR}/library.c ${SRC_FILES})
+add_library(woj_sandbox SHARED ${PROJECT_SOURCE_DIR}/library.c ${PROJECT_SOURCE_DIR}/inject.c ${SRC_FILES})
 add_executable(woj_launcher ${PROJECT_SOURCE_DIR}/launcher.c)
 add_executable(woj_test ${PROJECT_SOURCE_DIR}/test.c)
 

inject.c

@@ -0,0 +1,3 @@
+#include "library.h"
+
+static __attribute__((constructor)) void inject(void) { setup_all(); }

launcher.c

@@ -1,4 +1,6 @@
+#include "launcher.h"
 #include "err.h"
+#include "library.h"
 #include "resource.h"
 #include "sandbox.h"
 #include "utils/log.h"
@@ -13,21 +15,7 @@
 #include <time.h>
 #include <unistd.h>
 
-enum ConfigIndex {
-    memory_limit = 0,
-    nproc_limit,
-    time_limit,
-    sandbox_path,
-    sandbox_template,
-    sandbox_action,
-    file_input,
-    file_output,
-    file_info,
-    program,
-    CONFIG_INDEX_MAX
-};
-
-char *config[CONFIG_INDEX_MAX];
+char *config[is_valid + 1];
 
 void print_help(char *self) {
     LOG_WARN("Usage:");
@@ -58,29 +46,31 @@ void parse(int argc, char *argv[]) {
         [file_output]      = {"file_output",      required_argument, NULL, 0},
         [file_info]        = {"file_info",        required_argument, NULL, 0},
         [program]          = {"program",          required_argument, NULL, 0},
-        [CONFIG_INDEX_MAX]     = {"help",             no_argument,       NULL, 0},
-        [CONFIG_INDEX_MAX + 1] = {NULL,               0,                 NULL, 0}
+        [is_valid]         = {"help",             no_argument,       NULL, 0},
+        [is_valid + 1]     = {NULL,               0,                 NULL, 0}
     };
 
     int c, idx = 0;
     while ((c = getopt_long_only(argc, argv, "", options, &idx)) != -1) {
         if (c != 0) break;
 
-        if (idx < CONFIG_INDEX_MAX)
+        if (idx < is_valid)
             config[idx] = optarg;
-        else if (idx == CONFIG_INDEX_MAX) {
+        else if (idx == is_valid) {
             print_help(argv[0]);
             exit(0);
         }
     }
 
-    for (int i = 0; i < CONFIG_INDEX_MAX; i++) {
+    for (int i = 0; i < is_valid; i++) {
         if (!config[i]) {
             print_help(argv[0]);
             LOG_ERR("Missing arguments");
             exit(ERR_ARGUMENTS);
         }
     }
+
+    config[is_valid] = (char *)1;
 }
 
 void launch_child() {

launcher.h

@@ -0,0 +1,20 @@
+#ifndef WOJ_SANDBOX_LAUNCHER_H
+#define WOJ_SANDBOX_LAUNCHER_H
+
+enum ConfigIndex {
+    memory_limit = 0,
+    nproc_limit,
+    time_limit,
+    sandbox_path,
+    sandbox_template,
+    sandbox_action,
+    file_input,
+    file_output,
+    file_info,
+    program,
+    is_valid
+};
+
+char *config[is_valid + 1] __attribute__((weak));
+
+#endif // WOJ_SANDBOX_LAUNCHER_H

library.c

@@ -1,3 +1,4 @@
+#include "launcher.h"
 #include "resource.h"
 #include "rules/lang.h"
 #include "sandbox.h"
@@ -6,7 +7,7 @@
 #include <fcntl.h>
 #include <unistd.h>
 
-static __attribute__((constructor)) void inject(void) {
+void setup_all(void) {
     char    comm[64];
     int     fd  = open("/proc/self/comm", O_RDONLY);
     ssize_t len = read(fd, comm, sizeof(comm));
@@ -16,6 +17,12 @@ static __attribute__((constructor)) void inject(void) {
 
     LOG_INFO("Setting up sandbox for %s(%d)", comm, getpid());
 
+    if (config[is_valid]) {
+        LOG_INFO("Using config from launcher");
+    } else {
+        LOG_INFO("Using config from environment");
+    }
+
     register_lang_c_cpp();
     setup_rlimit();
     setup_seccomp();

library.h

@@ -0,0 +1,6 @@
+#ifndef WOJ_SANDBOX_LIBRARY_H
+#define WOJ_SANDBOX_LIBRARY_H
+
+void setup_all(void) __attribute__((weak));
+
+#endif // WOJ_SANDBOX_LIBRARY_H